A former Cisco engineer, Sudhish Kasaba Ramesh, was sentenced this week to 24 months in prison for accessing Cisco’s network without authorization after he left the company and then destroying servers that hosted infrastructure for the Cisco Webex Teams service.
A plea agreement filed in July 2020 revealed that the 30-year-old man accessed Cisco’s cloud infrastructure hosted on Amazon Web Services without permission on September 24, 2018, after resigning from the company five months earlier, in April 2018.
According to court documents, Ramesh worked for Cisco between July 2016 and April 2018, when he resigned and joined another company.
However, for reasons not mentioned in the indictment, five months later, in September 2018, Ramesh accessed Cisco’s cloud infrastructure hosted on Amazon’s Web Services.
Investigators said Ramesh then proceeded to run a script that deleted 456 virtual machines that were supporting Cisco’s video conferencing software WebEx Teams, actions that resulted in the temporary deletion of more than 16,000 Webex accounts.
It took Cisco two weeks to recover the accounts and rebuild its systems, costing the company more than $2.4 million, with $1,400,000 in employee time and $1,000,000 in customer refunds.
The tech giant’s management brought the case to law enforcement as soon as it realized the Webex Teams outage was the result of intentional sabotage and not a server issue.
Although Ramesh apologized for his actions, the former Cisco engineer never explained what drove him to delete Cisco’s servers. Besides serving the next two years in prison, Ramesh was also ordered to pay a $15,000 fine.
Ramesh was also fired from his job at his current employer, personal lifestyle site Stich Fix, and is scheduled to begin his prison sentence next year, on February 10. Cisco said that the incident didn’t expose any of its customers’ data, and the company restored service to all affected parties.
